Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

🗓️ 23 Jan 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

The Oracle MySQL Server optimizer has authentication input validation flaws that can disrupt service.

Reporter	Title	Published	Views	Family All 46
Circl	CVE-2025-21492	21 Jan 202521:16	–	circl
CNNVD	Oracle MySQL 安全漏洞	21 Jan 202500:00	–	cnnvd
CNVD	Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02326)	24 Jan 202500:00	–	cnvd
CVE	CVE-2025-21492	21 Jan 202520:52	–	cve
Cvelist	CVE-2025-21492	21 Jan 202520:52	–	cvelist
Debian CVE	CVE-2025-21492	21 Jan 202520:52	–	debiancve
EUVD	EUVD-2025-2482	3 Oct 202520:07	–	euvd
Tenable Nessus	Oracle MySQL Server 8.0.x < 8.0.37 (January 2025 CPU)	19 Apr 202400:00	–	nessus
Tenable Nessus	Oracle MySQL Server 8.x < 8.4.1 (January 2025 CPU)	18 Jul 202400:00	–	nessus
Tenable Nessus	TencentOS Server 4: mysql (TSSA-2024:0671)	16 Jun 202500:00	–	nessus

Vulners

Node

oracle mysql_serverRange≤8.0.36

OR

oracle mysql_serverMatch8.4.0

Source	Link
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2025012217
oracle	www.oracle.com/security-alerts/cpujan2025.html
vuldb	www.vuldb.com/
altsp	www.altsp.su/obnovleniya-bezopasnosti/
web	www.web.nvd.nist.gov/view/vuln/detail

20 Jun 2025 00:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 34.9

CVSS 26.8

EPSS0.00916

Oracle MySQL Server authentication flaws input validation service disruption